IT Security Analyst

IT Security Analyst - Security Systems & Operations Location: Arlington, VA Work Type: Onsite
Remote Work: Hybrid - Onsite as needed - must be drivable to Arlington VA
Job Description
Gridiron IT is seeking IT Security Analyst - Security Systems & Operations.

Responsibilities

• Manages and administers a wide range of security systems and tools:
  o Administers cloud-based security tools such as, Azure Security Center (Sentinel, Log Analytics, Azure WAF, Defender for Identity, Privileged Identity Manager); Microsoft 365 Security Suite (Defender, Advanced Threat Protection, Cloud Application Security, Protection Portal); Microsoft Security and Compliance Center; Microsoft Endpoint Manager (Intune); multi-factor authentication (MFA); web content filtering; and secure document sharing and collaboration solutions.
  o Responsible for primary or alternate management of all IT Security systems including patch management, upgrades, integration engineering, and reporting.
  Executes security related operational activities
  o Manages security incident detection, response, remediation.
  o Conducts cyber threat and vulnerability analysis and remediation.
  o Develops security metrics and manages reporting and compliance.
  o Serves as Incident Response Team member.
  o Supports operational implementation of FISMA/NIST standards and industry best practices.
  o Operates cloud-based security tools such as, Azure Security Center (Sentinel, Log Analytics, Azure WAF, Defender for Identity, Privileged Identity Manager); Microsoft 365 Security Suite (Defender, Advanced Threat Protection, Cloud Application Security, Protection Portal); Microsoft Security and Compliance Center; Microsoft Endpoint Manager (Intune); multi- factor authentication (MFA); web content filtering; and secure document sharing and collaboration solutions.
  o Manages IT Security awareness training program in coordination with the Learning Management team, to including developing and delivering IT Security awareness training modules.
  o Manages Password Management system in coordination with Service Desk.
  o Responds to IT Security trouble tickets generated by customers and IT staff. Identifies
  solutions, works with customer and OCIO team to execute solutions, and manages ticket input, updates, and resolution in the OCIO ticketing system to maintain service level agreements.
  Supports Security Operations and Engineering by providing technical solution support and
  expertise
  o Identifies security risks and recommends risk mitigation strategies.
  o Reviews new and existing systems to ensure baseline security requirements are met and to recommend security enhancements.
  o Develops security architecture and technical solutions for security products.
  o Collaborates with staff from OCIO and other business components to develop security controls and solutions for complex business systems and applications.
  o Develops and executes project plans to engineer, construct, deploy, and monitor/manage IT Security infrastructure solutions.

  o Demonstrates in-depth understanding of security requirements associated with cloud- hosted environments, services, and solutions.
  o Evaluates, recommends, and implements security controls associated with cloud-hosted
  environments, services, and solutions.
  o Evaluates, recommends, and implements security controls for mobile device solutions.

Requirements

• Degree in Information Assurance, Cybersecurity, Information Systems, Computer Science, or related field.
  SANS GIAC or ISC2 certification(s) (or equivalent)
  Microsoft certification(s): Azure Security Engineer Associate, Security Operation Analyst Associate, Identity and Access Administrator Associate, Information Protection Administrator
  Associate (desired)

  Secret Security Clearance

  Candidate will possess at least 7 years of specialized IT experience with at least 5 years in IT Security.

  Demonstrated knowledge of and ability to configure, manage, and administer cloud-based security tools such as, Azure Security Center (Sentinel, Log Analytics, Azure WAF, Defender for Identity, Privileged Identity Manager); Microsoft 365 Security Suite (Defender, Advanced Threat Protection, Cloud Application Security, Protection Portal); Microsoft Security and Compliance Center; Microsoft Endpoint Manager (Intune); multi-factor authentication (MFA); web content filtering; and secure document sharing and collaboration solutions.
  Skill and Ability in executing Security Operations including incident detection, identification, management, response, and reporting. Must have experience in incident response and management.
  Skill in making recommendations that significantly influence OIG s information security policies or programs. Experience building policies and preparing briefings to explain security programs and requirements to senior executives.
  Skill & Ability to provide expert technical advice, guidance, and recommendations to management and other technical specialists on critical information technology security issues.
  Skill & Ability to assess risk factors and advise on vulnerability to attack from a variety of sources and procedures for protection of systems and applications.
  Knowledge & Skill in implementing FISMA, NIST, OMB guidelines, and other Federal regulations and guidance. Experience interpreting and implementing FISMA/NIST requirements focused on the operational implementation and documentation of those requirements.
  Knowledge of security controls for cloud-hosted environments, applications, and services.
  Experience developing System Security Plans, Security Assessment Reports, Continuous Monitoring Plans, and Plans of Action & Milestones.
  Ability to ensure coordination and collaboration on security activities.
  Ability to effectively communicate both orally and in writing with management and other technical specialists.
  Ability to plan, organize and manage tasks on time with minimal supervision

Clearance
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information. Secret Clearance Required.
Compensation and Benefits
Salary Range: $173,000 - 183,000yr (Compensation is determined by various factors, including but not limited to location, work experience, skills, education, certifications, seniority, and business needs. This range may be modified in the future.)

Benefits: Gridiron offers a comprehensive benefits package including medical, dental, vision insurance, HSA, FSA, 401(k), disability & ADD insurance, life and pet insurance to eligible employees. Full-time and part-time employees working at least 30 hours per week on a regular basis are eligible to participate in Gridiron s benefits programs.

Gridiron IT Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status or disability status.

Gridiron IT is a Women Owned Small Business (WOSB) headquartered in the Washington, D.C. area that supports our clients' missions throughout the United States. Gridiron IT specializes in providing comprehensive IT services tailored to meet the needs of federal agencies. Our capabilities include IT Infrastructure & Cloud Services, Cyber Security, Software Integration & Development, Data Solution & AI, and Enterprise Applications. These capabilities are backed by Gridiron IT's experienced workforce and our commitment to ensuring we meet and exceed our clients' expectations.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

IT Security Analyst - Security Systems & Operations Location: Arlington, VA Work Type: Onsite
Remote Work: Hybrid - Onsite as needed - must be drivable to Arlington VA
Job Description
Gridiron IT is seeking IT Security Analyst - Security Systems & Operations.

Responsibilities

• Manages and administers a wide range of security systems and tools:
  o Administers cloud-based security tools such as, Azure Security Center (Sentinel, Log Analytics, Azure WAF, Defender for Identity, Privileged Identity Manager); Microsoft 365 Security Suite (Defender, Advanced Threat Protection, Cloud Application Security, Protection Portal); Microsoft Security and Compliance Center; Microsoft Endpoint Manager (Intune); multi-factor authentication (MFA); web content filtering; and secure document sharing and collaboration solutions.
  o Responsible for primary or alternate management of all IT Security systems including patch management, upgrades, integration engineering, and reporting.
  Executes security related operational activities
  o Manages security incident detection, response, remediation.
  o Conducts cyber threat and vulnerability analysis and remediation.
  o Develops security metrics and manages reporting and compliance.
  o Serves as Incident Response Team member.
  o Supports operational implementation of FISMA/NIST standards and industry best practices.
  o Operates cloud-based security tools such as, Azure Security Center (Sentinel, Log Analytics, Azure WAF, Defender for Identity, Privileged Identity Manager); Microsoft 365 Security Suite (Defender, Advanced Threat Protection, Cloud Application Security, Protection Portal); Microsoft Security and Compliance Center; Microsoft Endpoint Manager (Intune); multi- factor authentication (MFA); web content filtering; and secure document sharing and collaboration solutions.
  o Manages IT Security awareness training program in coordination with the Learning Management team, to including developing and delivering IT Security awareness training modules.
  o Manages Password Management system in coordination with Service Desk.
  o Responds to IT Security trouble tickets generated by customers and IT staff. Identifies
  solutions, works with customer and OCIO team to execute solutions, and manages ticket input, updates, and resolution in the OCIO ticketing system to maintain service level agreements.
  Supports Security Operations and Engineering by providing technical solution support and
  expertise
  o Identifies security risks and recommends risk mitigation strategies.
  o Reviews new and existing systems to ensure baseline security requirements are met and to recommend security enhancements.
  o Develops security architecture and technical solutions for security products.
  o Collaborates with staff from OCIO and other business components to develop security controls and solutions for complex business systems and applications.
  o Develops and executes project plans to engineer, construct, deploy, and monitor/manage IT Security infrastructure solutions.

  o Demonstrates in-depth understanding of security requirements associated with cloud- hosted environments, services, and solutions.
  o Evaluates, recommends, and implements security controls associated with cloud-hosted
  environments, services, and solutions.
  o Evaluates, recommends, and implements security controls for mobile device solutions.

Requirements

• Degree in Information Assurance, Cybersecurity, Information Systems, Computer Science, or related field.
  SANS GIAC or ISC2 certification(s) (or equivalent)
  Microsoft certification(s): Azure Security Engineer Associate, Security Operation Analyst Associate, Identity and Access Administrator Associate, Information Protection Administrator
  Associate (desired)

  Secret Security Clearance

  Candidate will possess at least 7 years of specialized IT experience with at least 5 years in IT Security.

  Demonstrated knowledge of and ability to configure, manage, and administer cloud-based security tools such as, Azure Security Center (Sentinel, Log Analytics, Azure WAF, Defender for Identity, Privileged Identity Manager); Microsoft 365 Security Suite (Defender, Advanced Threat Protection, Cloud Application Security, Protection Portal); Microsoft Security and Compliance Center; Microsoft Endpoint Manager (Intune); multi-factor authentication (MFA); web content filtering; and secure document sharing and collaboration solutions.
  Skill and Ability in executing Security Operations including incident detection, identification, management, response, and reporting. Must have experience in incident response and management.
  Skill in making recommendations that significantly influence OIG s information security policies or programs. Experience building policies and preparing briefings to explain security programs and requirements to senior executives.
  Skill & Ability to provide expert technical advice, guidance, and recommendations to management and other technical specialists on critical information technology security issues.
  Skill & Ability to assess risk factors and advise on vulnerability to attack from a variety of sources and procedures for protection of systems and applications.
  Knowledge & Skill in implementing FISMA, NIST, OMB guidelines, and other Federal regulations and guidance. Experience interpreting and implementing FISMA/NIST requirements focused on the operational implementation and documentation of those requirements.
  Knowledge of security controls for cloud-hosted environments, applications, and services.
  Experience developing System Security Plans, Security Assessment Reports, Continuous Monitoring Plans, and Plans of Action & Milestones.
  Ability to ensure coordination and collaboration on security activities.
  Ability to effectively communicate both orally and in writing with management and other technical specialists.
  Ability to plan, organize and manage tasks on time with minimal supervision

Clearance
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information. Secret Clearance Required.
Compensation and Benefits
Salary Range: $173,000 - 183,000yr (Compensation is determined by various factors, including but not limited to location, work experience, skills, education, certifications, seniority, and business needs. This range may be modified in the future.)

Benefits: Gridiron offers a comprehensive benefits package including medical, dental, vision insurance, HSA, FSA, 401(k), disability & ADD insurance, life and pet insurance to eligible employees. Full-time and part-time employees working at least 30 hours per week on a regular basis are eligible to participate in Gridiron s benefits programs.

Gridiron IT Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status or disability status.

Gridiron IT is a Women Owned Small Business (WOSB) headquartered in the Washington, D.C. area that supports our clients' missions throughout the United States. Gridiron IT specializes in providing comprehensive IT services tailored to meet the needs of federal agencies. Our capabilities include IT Infrastructure & Cloud Services, Cyber Security, Software Integration & Development, Data Solution & AI, and Enterprise Applications. These capabilities are backed by Gridiron IT's experienced workforce and our commitment to ensuring we meet and exceed our clients' expectations.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.